data security in the academic health center
play

Data Security in The Academic Health Center Presented By Jon - PDF document

Jan 05, 2024 •248 likes •367 views

School of Nursing Research Seminar Data Security in The Academic Health Center Presented By Jon Harper AHC Information Systems 1 Overview of AHC-IS and Supported Services Provide desktop support to ~8500+ workstations/laptops

  1. School of Nursing Research Seminar Data Security in The Academic Health Center Presented By Jon Harper – AHC Information Systems 1

  2. Overview of AHC-IS and Supported Services • Provide desktop support to ~8500+ workstations/laptops (including Windows and Apple computers) • Includes support for over 5000 AHC faculty and staff (including select UMP and Fairview employees) • Limited support for tablets, phones, or other handheld devices • Does not include personally owned workstations or laptops Overview of AHC-IS and Supported Services • Typical Services Provided For AHC-IS supported devices • Technical support via AHC-IS help desk • Walk-in technical support via the AHC-IS Tech Center located in Diehl Hall Bio-Medical Library • Assistance via remote sessions • Tier 2 on-site desktop support (i.e., hardware troubleshooting/repair, software installation/configuration, Email setup, workstation moves, and limited mobile device support) 2

  3. Overview of AHC-IS and Supported Services • Typical Services Provided For AHC-IS supported devices (Cont.) • Hardware procurement, configuration, installation, and recycling • Laptop and workstation disk encryption • File storage/access and backup via AHC-IS managed servers • Respond to security incidents such as virus infections, suspected data breaches, or stolen devices Access to AHC-IS Support and Resources • For AHC-IS Supported Users/Devices • Contact our help desk at 626-5100 • Email ahc-is@umn.edu • Forms.ahc.umn.edu to request service • Data/File Server Access Request – add/modify/delete server access for an individual. Also used when someone leaves department • Request For Purchase – Request the purchase of computers, hardware, or software with University funds. • Add Existing Computer to Support – If a machine is added to support AHC-IS staff will configure it to comply with University policy 3

  4. Data Within the AHC • Data Classification • Data within the AHC is classified as Private – Highly restricted • Units within the AHC have a security rating of “High” • Important to note as these classifications guide how data must be protected • Types of private data can include more than just patient data • For examples of public vs. private data see http://policy.umn.edu/operations/publicaccess-appc • For questions regarding specific types of private data or data you are responsible for, contact privacy@umn.edu Collaborating Inside/Outside the University Only share private data with people authorized to view data via: • Departmental Data Owner/Approver (for University employees) • Data Usage Agreement (DUA) • Typically required by a data owner from a third party such as a healthcare provider • Business Associate Agreement (BAA) • Contact privacy@umn.edu for questions about establishing a BAA with a third party provider, vendor, etc. 4

  5. Collaborating Inside/Outside the University (Cont.) Current Methods to Share Data • AHC-IS File Servers • Secure • Backed up nightly • Configured to comply with University policies regarding “Private – Highly Restricted” data • Google Drive • Available to anyone with a University Gmail account • Sharing via the “Anyone with the link” option should not be used – too easy for accidental/unauthorized access • Store University private data only on a UMN Google Drive account • Google Drive should not be used to store PHI Collaborating Inside/Outside the University (Cont.) Current Methods to Share Data (cont.) • University Gmail • Email between UMN, UMP, and Fairview is considered secure • Private data (including PHI) should not be sent outside the University unless absolutely necessary • If private data must be sent via Email to someone outside the three organizations listed above, the data should be encrypted • Email is not encrypted by default; extra tools must be used to encrypt data before it is sent • In all cases regarding PHI, only the minimum amount of PHI necessary should be sent via Email. • For specific guidelines on sending PHI via Email see http://hub.ahc.umn.edu/sites/default/files/email-policy-protected-health-information.pdf • If you need further clarification contact privacy@umn.edu 5

  6. Collaborating Inside/Outside the University (Cont.) • Currently, there is a gap at the University in being able to provide a compliant collaboration service with external entities • Netfiles, the current collaboration tool is being retired in April 2016; no new users are being added • Workarounds include sponsored accounts, encrypting data before sending to external entities, and in select cases providing remote access to AHC-IS file servers/data • OIT in conjunction with AHC-IS are working to implement a compliance based storage and collaboration service • Focus is on research that requires working with regulated data • Goal is to be compliant with various federal regulations (HIPAA, FISMA, etc.) • Scope is limited to smaller data sets (15-20 GB or smaller) • If you have a specific use case you feel can’t be addressed contact AHC-IS and we will work with you to determine possible solutions Private Data Do’s and Don’ts Do’s • Save University data to a secure, AHC-IS managed file server • Ensure devices accessing University private data are appropriately secured • AHC-IS supported devices meet University guidelines • Use complex passwords to secure devices • Strongly consider creating passwords that exceed the minimum requirements • Periodically review who has access to private data to ensure access is still appropriate • Encrypt private data that is shared with external entities • Encrypt external devices such as USB keys or hard drives if used to store private data 6

  7. Private Data Do’s and Don’ts Don’ts Store private data on non-University owned devices 1 • • Store private data on unencrypted workstations, laptops, or external devices 2 • Use third party cloud services other than Google Drive to store private data • Dropbox, OneDrive, iCloud, etc. • These are not HIPAA compliant and there are no BAAs between these vendors and the University • Post usernames/passwords on monitors or keyboards • This negates encryption completely • Recycle/dispose of a device without proper sanitization 3 1. Data Storage Standard 2. Device Encryption Standard 3. Media Sanitization Standard Mobile Devices in The AHC What Is a Mobile Device • A mobile device is defined as a tablet or smartphone that runs iOS or Android • Users in the AHC are required to configure their mobile devices with additional settings than units outside the AHC iOS Devices (Apple) Android Devices   4 character numeric password, 4 character numeric password   Auto-locks after 15 minutes of inactivity After 10 incorrect password attempts, all data  Requires passcode within 5 minutes of is erased and device is configured to factory screen lock being enabled defaults,   Encryption is enabled (enabled by default Auto-locks after 10 minutes of inactivity  when a passcode is set), The user can remotely reset the passcode,  The user can issue a remote wipe command ring the phone, or wipe the device using via iCloud, http://www.google.com/apps/mydevices  Alternatively, 1-HELP can wipe the device if notified by the device owner. 7

  8. Mobile Devices in The AHC Configuring a Mobile Device for UMN Gmail • Setup guides for iOS devices are located at http://it.umn.edu/configure-ios-mobile-device-google-mail • You must choose “Exchange” as the account type • You must follow the additional instructions for members of the Health Care Component (HCC) • Once properly configured you will be required to configure a passcode • Setup for Android devices are located at http://it.umn.edu/configure-your-android-device-sync-uofm • Once configured Google will prompt you to download an additional component • Once configured you will be required to configure a passcode • Encryption is not enforced do to the numerous variations of Android Mobile Devices in The AHC Reminders • If it is a personally owned mobile device it cannot store University private data • If the device is lost or stolen the user should immediately contact AHC-IS (if they are supported by us) or 1-HELP to assist in performing a remote wipe of the device • The user can initiate a remote wipe themselves if desired; instructions are in the email setup guides • AHC-IS supported users can visit our walk-up tech center in Diehl Hall for assistance configuring mobile devices 8

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

From the Health Commons to Health Extension (HEROs): An Academic Health Center Addresses the

From the Health Commons to Health Extension (HEROs): An Academic Health Center Addresses the

From the Health Commons to Health Extension (HEROs): An Academic Health Center Addresses the Social Determinants of Health Society of Directors of Research in Medical Education Wed. June 17 La Fonda Santa Fe, NM Arthur Kaufman, M.D. Vice

505 views • 38 slides
Center For Colligate Mental Health (CCMH) The Following Trend Data Has Been Collected Over The

Center For Colligate Mental Health (CCMH) The Following Trend Data Has Been Collected Over The

Center For Colligate Mental Health (CCMH) The Following Trend Data Has Been Collected Over The Past 7 Academic Years Nationally. This Data Describes Students Who Visit College Counseling Centers. History Suicide And Self-harm Alcohol And

206 views • 8 slides
Overview Background What influences academic achievement? Behavioral Health and Academic

Overview Background What influences academic achievement? Behavioral Health and Academic

3/4/2020 Irvington, New York February 26, 2020 The Impact of Substance Use on Academic Achievement Amelia M. Arria, Ph.D. Professor Director, Center on Young Adult Health and Development Department of Behavioral and Community Health,

658 views • 37 slides
Integrated Space Planning for the Academic Health Center Joint Meeting of the Medical Center

Integrated Space Planning for the Academic Health Center Joint Meeting of the Medical Center

Integrated Space Planning for the Academic Health Center Joint Meeting of the Medical Center Operating Board and the Buildings and Grounds Committee September 15, 2016 Integrated Space Plan Consultant Team Latimer Health Strategies : Scot

226 views • 18 slides
B. Dierckx de Casterl Academic Center of Nursing and Midwifery Department of Public Health

B. Dierckx de Casterl Academic Center of Nursing and Midwifery Department of Public Health

B. Dierckx de Casterl Academic Center of Nursing and Midwifery Department of Public Health & Primary Care 1 Qualitative research involves any research that uses data that do not indicate ordinal values (Nkwi, Nyamongo &

433 views • 41 slides
Assessing the Impact of an Academic Recovery Program Christine C. Murphy, PhD Academic Success

Assessing the Impact of an Academic Recovery Program Christine C. Murphy, PhD Academic Success

Assessing the Impact of an Academic Recovery Program Christine C. Murphy, PhD Academic Success Center Thomas A. Carnot Data Analyst Elizabeth G. McWilliams Academic Coach M. Elaine Richardson - Director Academic Success Center

718 views • 34 slides
Academic Jobs Nir Menachemi, PhD, MPH Professor and Department Chair Health Policy and Management

Academic Jobs Nir Menachemi, PhD, MPH Professor and Department Chair Health Policy and Management

Academic Jobs Nir Menachemi, PhD, MPH Professor and Department Chair Health Policy and Management Scientist, Center for Biomedical Informatics R ICHARD M. F AIRBANKS S CHOOL OF P UBLIC H EALTH INDIANA UNIVERSITY - IUPUI Data from the NSF Survey of

380 views • 8 slides
Security Data Science Joshua Neil Security Analytics Leader Advanced Security Center EY

Security Data Science Joshua Neil Security Analytics Leader Advanced Security Center EY

Security Data Science Joshua Neil Security Analytics Leader Advanced Security Center EY Powered by Agenda A Background, LANL and the EY/LANL Alliance Traditional Security and Operational Security Data B Science Advanced Analytics:

558 views • 24 slides
NCHA Data: Administrative and Clinical strategies for linking (mental) health and substance

NCHA Data: Administrative and Clinical strategies for linking (mental) health and substance

NCHA Data: Administrative and Clinical strategies for linking (mental) health and substance abuse disorders to academic success. Joy Himmel, Psy D. Director, Health and Wellness Center, Penn St. Altoona Keith Anderson, Ph.D. Psychologist,

887 views • 56 slides
FAIR Sequencing Data Repository based on iRODS Felipe O. Gutierrez AMC - Academic Medical Center

FAIR Sequencing Data Repository based on iRODS Felipe O. Gutierrez AMC - Academic Medical Center

FAIR Sequencing Data Repository based on iRODS Felipe O. Gutierrez AMC - Academic Medical Center - Amsterdam, Netherlands A.C.Camargo Cancer Center - So Paulo, Brazil F. Oliveira Aldo Sjoerd Diogo A.H.C. van Silvia D. P.F.G. De J.T.

217 views • 18 slides
AN OVERVIEW OF THE BRAZILIAN ACADEMIC SECURITY LANDSCAPE 2 AN OVERVIEW OF THE BRAZILIAN ACADEMIC

AN OVERVIEW OF THE BRAZILIAN ACADEMIC SECURITY LANDSCAPE 2 AN OVERVIEW OF THE BRAZILIAN ACADEMIC

MARINHO.BARCELLOS@UFRGS.BR AN OVERVIEW OF THE BRAZILIAN ACADEMIC SECURITY LANDSCAPE 2 AN OVERVIEW OF THE BRAZILIAN ACADEMIC SECURITY LANDSCAPE OVERVIEW CESeg SIG SBSeg symposium Cyber security document issued by CESeg 3 AN

542 views • 21 slides
HealthyhornsTXT A Text Messaging Program to Promote Student Health & Academic Success

HealthyhornsTXT A Text Messaging Program to Promote Student Health & Academic Success

HealthyhornsTXT A Text Messaging Program to Promote Student Health & Academic Success Contributors Elizabeth M. Glowacki, MA Doctoral Candidate, Department of Communication Studies Center for Health Communication Susan Kirtz, MPH Health

530 views • 19 slides
ACADEMIC SUCCESS CENTER Faculty Meeting S eptember 19, 2017 Name change July 1, 2016

ACADEMIC SUCCESS CENTER Faculty Meeting S eptember 19, 2017 Name change July 1, 2016

ACADEMIC SUCCESS CENTER Faculty Meeting S eptember 19, 2017 Name change July 1, 2016 Learning and Advising Center became the Academic S uccess Center The Academic S uccess Center is the primary resource for students at all levels

214 views • 20 slides
HPE SecureData for Big Data Platform HPE Vertica Big Data Platform HPE Security Data

HPE SecureData for Big Data Platform HPE Vertica Big Data Platform HPE Security Data

HPE SecureData for Big Data Platform HPE Vertica Big Data Platform HPE Security Data Security February 2016 Data Security Impacts Design and Delivery of Big Data Projects Data Security frequently is a leading Role Security Impacts

545 views • 23 slides
Innovations in Health Care Reform I ti i H lth C R f Experience of Academic Medical Centers

Innovations in Health Care Reform I ti i H lth C R f Experience of Academic Medical Centers

Innovations in Health Care Reform I ti i H lth C R f Experience of Academic Medical Centers October 28 2011 October 28, 2011 Summary The Academic Medical Center has historically played a leading role in advancing biomedical and

451 views • 14 slides
Security: An Essentially Contested Concept? Week 2 - 4 October 2017 Security as an Academic

Security: An Essentially Contested Concept? Week 2 - 4 October 2017 Security as an Academic

PSI 330 International Security Security: An Essentially Contested Concept? Week 2 - 4 October 2017 Security as an Academic Subject Everything began after the Second World War in the Anglo-American World. They study of Security was

331 views • 17 slides
Authorship in nursing science. Dr Stephen J. OConnor, PhD., MSc., Grad Dip Onc., BSc(Hons),

Authorship in nursing science. Dr Stephen J. OConnor, PhD., MSc., Grad Dip Onc., BSc(Hons),

Authorship in nursing science. Dr Stephen J. OConnor, PhD., MSc., Grad Dip Onc., BSc(Hons), FHEA, RN., Reader, Faculty of Health and Wellbeing, Canterbury Christ Church University. Gr e aus Canterbury! The England Centre for Practice

313 views • 19 slides
CS for All Shriram Krishnamurthi Brown University 1 There are about 3,000 more! Most arent

CS for All Shriram Krishnamurthi Brown University 1 There are about 3,000 more! Most arent

CS for All Shriram Krishnamurthi Brown University 1 There are about 3,000 more! Most arent research universities There are also over 1,500 2-year collleges 2 Coding Academies (Hacker Schools) Urban Feeder/Non-Feeder

851 views • 27 slides
THE EMERGENCE OF MODERN LOGIC Priyedarshi Jetli priyedarshij@yahoo.com The end of logic is not

THE EMERGENCE OF MODERN LOGIC Priyedarshi Jetli priyedarshij@yahoo.com The end of logic is not

THE EMERGENCE OF MODERN LOGIC Priyedarshi Jetli priyedarshij@yahoo.com The end of logic is not the syllogism but simple contemplation . The proposition is, in fact, the means to this end, and the syllogism is the means to the proposition.

566 views • 41 slides
PLAIN PEOPLE belt may be attributed to the surprise settlers persuaded to enter this north aroused

PLAIN PEOPLE belt may be attributed to the surprise settlers persuaded to enter this north aroused

__ L January 1975 Canadian og raph ical Jou rnal A farm lad exhibits the bounty of the northern Ontario farmland. Ontarios Great Clay Belt hoax Donald E. Pugh More than 300 miles 480 km north between 1921 labour, heartache, and bankruptcy.

368 views • 7 slides
AHC Greater Baltimore Quality affordable housing provider Subsidiary of AHC, Inc., based

AHC Greater Baltimore Quality affordable housing provider Subsidiary of AHC, Inc., based

AHC Greater Baltimore Quality affordable housing provider Subsidiary of AHC, Inc., based in Virginia Developed 8 properties in the Baltimore region, with more than 1,200 affordable apartments. Why Rent Reporting? Lack of

439 views • 7 slides
University of Delaware Sabbatical Work Nancy Cotugna, DrPH, RD, LDN Who Am I? Professor of

University of Delaware Sabbatical Work Nancy Cotugna, DrPH, RD, LDN Who Am I? Professor of

University of Delaware Sabbatical Work Nancy Cotugna, DrPH, RD, LDN Who Am I? Professor of community nutrition at UD for the past 31 years Registered dietitian Food Bank of DE board member for many years What a sabbatical is NOT What IS

458 views • 12 slides
Building Models to Predict Hint-or-Attempt Actions of Students Francisco Seth Tyler Neil

Building Models to Predict Hint-or-Attempt Actions of Students Francisco Seth Tyler Neil

Building Models to Predict Hint-or-Attempt Actions of Students Francisco Seth Tyler Neil Castro Adjei Colombo Heffernan The 8th International Conference on Educational Data Mining Madrid, Spain 26-29 June 2015 1 Motivation A great

528 views • 26 slides
Human-Oriented Robotics Unsupervised Learning Kai Arras Social Robotics Lab, University of

Human-Oriented Robotics Unsupervised Learning Kai Arras Social Robotics Lab, University of

Human-Oriented Robotics Prof. Kai Arras Social Robotics Lab Human-Oriented Robotics Unsupervised Learning Kai Arras Social Robotics Lab, University of Freiburg 1 Human-Oriented Robotics Unsupervised Learning Prof. Kai Arras Social

1.32k views • 79 slides

More recommend